The API is a tool for the merchant that needs a custom commerce solution. It is an application programming interface (API) used by merchants to build complex Web sites or other custom systems that process payments. There are also tax and shipping calculators and an Electronic Softgood Download module available for use with the API. The API enables full-featured, highly secure and reliable e-commerce Web sites and custom retail implementations. The API includes Global Gateway(previously Linkpoint) Central for comprehensive store management.
A merchant uses the API software modules to build the payment solution that fits the merchant's unique needs. Modules offered are:
Merchants can pick and choose modules as needed. For credit card payments, all of the interactions with credit card processors and financial institutions are resolved and managed through the API payment module. For electronic check payments, all of the interactions with financial institutions are resolved and managed through the API VirtualCheck module. Once a merchant has integrated the API payment module into a Web site, a customer can purchase items on the merchant's Web site and all payment details are processed automatically. Merchants can then review transaction activity by visiting Global Gateway(previously Linkpoint) Central. Let's follow a simple transaction as it travels from the customer's order to approval.
The Gateway provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection by the Secure Sockets Layer (SSL) protocol. SSL is a protocol developed by Netscape® to provide secure transmission of private information that is sent over the Internet. This protocol uses public and private key pairs to encrypt data. The public and private keys are dissimilar and each pair is unique; therefore, the keys possessed verify the sender's identity. The public key is distributed to the merchant, ISP or CSP in the form of a digital certificate, which contains information that can verify the key holder identity and the key validity. The private key is kept confidential and remains on the Payment Gateway. If data is encrypted with the private key, only the public key can decrypt it. If data is encrypted with the public key, only the private key can decrypt it. This process prevents the data from being compromised while in transit.
You need to have some programming skills to use the API. Any of the following languages can be used to invoke the API:
All the Global Gateway (previously Linkpoint) software and related documentation is downloadable from the downloads section of http://www.linkpoint.com. You will need a live merchant account with a Global Gateway (previously Linkpoint)-compatible merchant service provider or a Global Gateway (previously Linkpoint) test account before you can use the Global Gateway (previously Linkpoint) software.
We do not offer SDKs, but we offer the software modules in many different programming languages.
Fraud protection measures included with all Global Gateway (previously Linkpoint) payment services are:
For more information on each of these fraud protection capabilities, please refer to the Global Gateway (previously Linkpoint) Central Help files or the LPC user manual.
Log into https://www.LinkPointCentral.com. Click on «Admin», then on «Fraud Settings». Please refer to the Global Gateway (previously Linkpoint) Central Help files or user manual for further instructions.
Yes. Log into https://www.LinkPointCentral.com. Click on «Reports» and choose your preferred report. Please refer to the Global Gateway (previously Linkpoint) Central Help files or user manual for further instructions.
When your application is approved, you will receive an introductory e-mail titled "Welcome to Global Gateway (previously Linkpoint) API". The following information is included in this e-mail:
Welcome e-mails can be resent if the original e-mails are lost. Please contact firstname.lastname@example.org to resend your welcome e-mail.
The owner of the account should have received a Welcome e-mail when the merchant account was opened. You must have a Global Gateway(previously Linkpoint) API account in order to receive this e-mail. If you lost this e-mail, you will have to call your merchant account provider to have the e-mail resent at 1-800 456-5989 X4100 (human interaction is a security requirement). At the very end of the message (embedded in the e-mail text) will be the digital certificate, which is your pem file. Follow the instructions given in the e-mail exactly to save the digital certificate into a file on your Web server with a .pem extension. Note the location (path) to the pem file.
At the bottom of the Welcome e-mail is a copy of your digital certificate. If you are using an ISP, a copy of this e-mail should have been e-mailed to your ISP. This certificate should be saved as a file on your Web server with a .pem extension. Copy all characters beginning with the line that states, "-----BEGIN RSA PRIVATE KEY-----" through the end of this e-mail where it states, "-----END CERTIFICATE-----" into a file with a .pem extension onto your Web server. Note the path to the pem file.
A digital certificate is a key used on the Internet to identify a company or organization and secure transactions between two parties. When you sign up for the Global Gateway(previously Linkpoint) API service, you receive a digital certificate. The Global Gateway(previously Linkpoint) API software uses this certificate to send SSL-secured payment transactions to the Global Gateway(previously Linkpoint) Secure Payment Gateway. The certificate you receive with the Global Gateway(previously Linkpoint) API solution is used ONLY for Global Gateway(previously Linkpoint) API purposes--it does not make your Web server secure. You will need to obtain a digital certificate from a certificate authority in order to secure your Web server. Your Web server should be properly secured whenever collecting sensitive information from your customers.
The digital certificate is sent in the Welcome e-mail to the merchant and the merchant's ISP or CSP. The Welcome e-mail can be resent upon request. For security purposes, we can only send the certificate to those parties authorized on the merchant account. If you are a developer working for a merchant and have not received the digital certificate, you should ask the merchant to forward the "Welcome to Global Gateway(previously Linkpoint) API" e-mail to you. Make sure you ask the merchant to send the message as an attachment to ensure that no extra characters are inserted into the digital certificate.
While the installation is fairly simple, it varies depending on the scenario. Basically, you need to copy the digital certificate on the welcome letter as a whole; do not break up the RSA and the Certificate-copy it in one piece. Follow these instructions carefully:
Java requires the PEM file to be in pkcs12 format. To convert your PEM file to pkcs12 format, run the following from a command prompt:
openssl pkcs12 -export -in YOURPEM.pem -inkey YOURPEM.pem -out YOURPEM.p12 -passout pass:YOURPASS -name "YOURNAME"
The output *.p12 file and the password are used to pass as parameters for JLinkPointTransaction object If you have a problem converting your PEM file, please contact support.
Please see the list of shopping carts on http://www.linkpoint.com for the latest list of shopping carts. If you do not see the cart you want on the list, please contact us at email@example.com. New carts are not added to the list until they have completed the certification process-your cart may already have been integrated, but not yet added to the list.
If you lose or forget your password, please contact us at 1 (877) 229-8739 or at firstname.lastname@example.org to reset your password.
There is a test server available for merchant testing purposes. Please go to http://www.firstdata.com/gg/apply_test_account.htm to request a test store. Test accounts are completely separate from your live Global Gateway(previously Linkpoint) accounts. If you have any questions about test stores, please e-mail email@example.com.
Yes, you can use the Global Gateway(previously Linkpoint) API periodic billing module to set up daily, weekly, monthly, or annual payments and/or payments made at regular intervals in equal installments. You need to pass the fields in the periodic entity to set up a recurring payment.
To use the tax calculator module, you must first create a fulltax line and send it to us for loading to the server. See Using the Tax Calculator for instructions on creating the fulltax line. Please save the file in text format and send it to firstname.lastname@example.org.
To use the shipping calculator module, you must create a shipping and carrier file to be housed on the Global Gateway (previously Linkpoint) Secure Payment Gateway. The shipping calculator matches the addressing and shipping carrier information from the shipping context with the appropriate pricing data as defined in your shipping file. Please save the file in text format and send it to email@example.com. See Using the Shipping Calculator for further instructions.
The required fields vary by the type of transaction you wish to perform. Please see the Minimum Required Fields section that applies to the type of transaction you need.
If you have been testing with a "live" store, then set the result field in the orderoptions entity to LIVE. If you have been testing with a test store, you need to apply for a live API store and set the result parameter to LIVE. You will also need to change your host name from the staging server host name to the production server host name. You will need to replace your test store number with your live store number. Please refer to the Welcome e-mail for the live store for the production host name and store number.
The Global Gateway (previously Linkpoint) Secure Payment Gateway gives you Address Verification System (AVS) codes to help protect you from costly charge backs and fraud. Whenever you perform a credit card Sale or Authorize Only transaction, the Gateway verifies the customer's address you entered on the Point of Sale page against the address that the card-issuing bank has on file for the customer. The AVS code tells you how well the two addresses match. If the transaction is approved, you will find the 3-digit alphabetic AVS code in the Approval Code (following the approval number and the reference number) on your Transaction Result page. A typical transaction result code might look like this. The AVS code is highlighted. 0097820000019564:YNA M:12345678901234567890123: AVS compares the numeric portion of the street address and the zip code. If both the zip code and street address match, the 3-digit AVS code will begin with a Y. If they do not match, the AVS code will begin with an N. An N indicates a higher probability of fraud. The second character of the code will tell you more about the AVS results (see the table below). You will only get an AVS code if the transaction was approved, regardless of whether the addresses match. If you get an AVS code indicating that the address and/or zip code do not match, it is up to you to decide whether you wish to accept the risk and ship the goods to the customer to complete the transaction.
|YY*||Address matches, zip code matches|
|YN*||Address matches, zip code does not match|
|YX*||Address matches, zip code comparison not available|
|NY*||Address does not match, zip code matches|
|XY*||Address comparision not available, zip code matches|
|NN*||Address does not match, zip code comparison not available|
|NX*||Address does not match, zip code comparison not available|
|XN*||Address comparison not available, zip code does not match|
|XX*||Address comparisons not available, zip code comparison not available|
|(*) -- This is the one character response code sent by the authorizing bank and it varies by card type (e.g., Y,Z,A,N,U,R,S,E,G are valid responses for Visa; Y,Z,A,N,X,W,U,R,S are valid for MasterCard; Y,Z,A,N,U,R,S are valid for American Express and A,Z,Y,N,W,U are valid for Discover).|
You don't need to do anything to set up AVS other than to send the following fields in the billing entity. The AVS response will be automatically included in the transaction response code (as described above).
To help reduce fraud in the card-not-present environment, credit card companies have introduced a card code program. Visa calls this code Card Verification Value (CVV); MasterCard calls it Card Validation Code (CVC); Discover calls it Card ID (CID). The card code is a three- or four- digit security code that is printed on the back of cards. The number typically appears at the end of the signature panel. This helps validate that a genuine card is being used during a transaction, especially in situations like mail orders, telephone orders or Internet orders where the card is not present. All MasterCard cards, both credit and debit, were required to contain CVC2 by January 1, 1997; all Visa cards must contain CVV2 by January 1, 2001. Beginning in October 2003, Discover requires the card code for all Discover transactions. By using the card code results along with the Address Verification Service (AVS), you can make more informed decisions about whether to accept transactions. A typical transaction result code might look like this. The card code result is highlighted. 0097820000019564:YNAM:12345678901234567890123: The last alphabetic character in the middle (M) is a code indicating whether the card code matched the card-issuing bank's code. An "M" indicates that the code matched. This code may or may not be present, depending on whether the card code was passed and the service was available for the type of card used. Below is a table showing all the possible return codes and their meanings.
|M||Card code match|
|N||Card code does not match|
|S||Merchant has indicated that the card code is not present on the card|
|U||Issuer is not certified and/or has not provided encryption keys|
|A blank response should indicate that no code was sent and that there was no indication that the code was not present on the card.|
You don't need to do anything to set up the card code other than to send the following fields in the creditcard entity. The card code response will be automatically included in the transaction response code (as described above)
Yes. There are several:
You need to send us the file that will be downloaded after purchase. We take that file and post it on the Global Gateway(previously Linkpoint) Secure Payment Gateway. Please include all required information necessary, including Store Number. We will send you confirmation when it has been posted. Send files to firstname.lastname@example.org. Please allow 72 hours for posting ESD files. See the ESD chapter for further instructions.
There is no size limit at this time. However, if you are sending very large files, please contact email@example.com to arrange an alternate method of file transfer.
When you sign up for a Global Gateway (previously Linkpoint) Connect or Global Gateway (previously Linkpoint) API account, you will automatically get access to the Global Gateway(previously Linkpoint) Central service. Log in at https://www.LinkPointCentral.com with your store number, user ID and password.
Your IP address change does not affect your API account, so we do not need to update our records.
Visa, MasterCard, Discover, American Express, JCB, and Diner's Club
No, but depending on the bank, the funds are only reserved for 3-10 days.
It depends on the specific language you are using, but, in general, the following platforms are supported.
Run a transaction with the result field in the orderoptions entity set to "GOOD", "DECLINE", or "DUPLICATE".
Potential reasons for each error are listed under the error message below.
Potential reasons for this error:
Potential reasons/fixes for this error:
Potential reasons/fixes for this error:
Potential reasons/fixes for this error:
Make sure that your operating system is supported.
**Unsupported systems include BSDI 4.01 and Digital UNIX.**
The shipping calculator is an optional module that requires a little extra configuration from your side. Once you have created this file, e-mail it to us at firstname.lastname@example.org and we can have it put on the server. Until this file is in place, you will be unable to use the shipping calculator. See Using the Shipping Calculator for further instructions.
You may getting this error because you are passing a 4-digit year (e.g., "2009"). You need to pass a 2-digit month and year (MM & YY) for the card expiration date.
This error is caused when the certificate/pemfile does not match the copy on our side. Please check the following: